CVE-2023-48303

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-48303
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-48303.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-48303
Aliases
  • GHSA-2448-44rp-c7hh
Published
2023-11-21T22:15:07Z
Modified
2024-06-06T14:31:33.810254Z
Severity
  • 2.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, admins can change authentication details of user configured external storage. Nextcloud Server and Nextcloud Enterprise Server versions 25.0.11, 26.0.6, and 27.1.0 contain a patch for this issue. No known workarounds are available.

References

Affected packages

Git / github.com/nextcloud/server

Affected ranges

Type
GIT
Repo
https://github.com/nextcloud/server
Events

Affected versions

v26.*

v26.0.0
v26.0.1
v26.0.1rc1
v26.0.2
v26.0.2rc1
v26.0.3
v26.0.3rc1
v26.0.3rc2
v26.0.4
v26.0.4rc1
v26.0.4rc2
v26.0.5
v26.0.5rc1
v26.0.6rc1